mauirixxx
/
gwst
1
0
Fork 0
Código Issues 5 Pull requests 0 Versões 0 Wiki Atividade
Ver código fonte

initial commit 

everything from my local includes directory
pull/16/head
Rick Payton 7 anos atrás
pai
63479f27ef
commit
4f2110bb32
4 arquivos alterados com 111 adições e 0 exclusões
Visão unificada
Opções de diferenças
Mostrar estatísticas Baixar arquivo de patch Baixar arquivo de diferenças
  1. +11
    -0
      includes/title-select.php
  2. +19
    -0
      includes/title-submit.php
  3. +26
    -0
      includes/title-update.php
  4. +55
    -0
      includes/verifications.php

+ 11
- 0
includes/title-select.php Ver arquivo

@@ -0,0 +1,11 @@
<?php
$stmtview = $con->prepare("SELECT * FROM gwtitles ORDER BY titlename");
$stmtview->execute();
$result = $stmtview->get_result();
while ($row = $result->fetch_assoc()) {
$tid = $row['titlenameid'];
$tname = $row['titlename'];
echo '<option value="' . $tid . '">' . $tname . '</option>';
}
$stmtview->close();
?>

+ 19
- 0
includes/title-submit.php Ver arquivo

@@ -0,0 +1,19 @@
<?php
$stmtins = $con->prepare("INSERT INTO gwtitles (titlename, titletype) VALUES (?, ?)");
$stmtins->bind_param("si", $_POST['titlename'], $_POST['titletype']);
$stmtins->execute();
$stmtins->close();
echo 'New title added!<br /><br />';
$stmtview = $con->prepare("SELECT * FROM gwtitles ORDER BY titlenameid DESC LIMIT 1");
$stmtview->execute();
$result = $stmtview->get_result();
while ($row = $result->fetch_assoc()) {
$tid = $row['titlenameid'];
$tname = $row['titlename'];
$ttype = $row['titletype'];
echo '<table border="1"><tr><th>titleid</th><th>titlename</th><th>titletype</th></tr>';
echo '<tr><td>' . $tid . '</td><td>' . $tname . '</td><td>' . $ttype . '</td></tr></table><br />';
}
$stmtview->close();
echo 'Return to <a href="titlemanager.php" class="navlink">title manager</a>';
?>

+ 26
- 0
includes/title-update.php Ver arquivo

@@ -0,0 +1,26 @@
<?php
if (isset($_POST['deltitle'])) {
if ($_POST['deltitle'] =="yes") {
// this title makes you verify that you want to delete this title
echo '<form action="titlemanager.php" method="post">Please check the box to verify you want to delete: <b>' . $_POST['titlename'] . '</b> <input type="checkbox" name="deltitle" value="iamsure">';
echo '<input type="hidden" name="titlenameid" value="' . $_POST['titlenameid'] . '"><input type="hidden" name="title" value="updatetitle"><input type="submit" value="Delete title"></form><br /><br />';
} else if ($_POST['deltitle'] == "iamsure") {
// this section actually deletes the title
$stmtdel = $con->prepare("DELETE FROM gwtitles WHERE titlenameid = ?");
$stmtdel->bind_param("i", $_POST['titlenameid']);
$stmtdel->execute();
$stmtdel->close();
echo 'Title has been deleted, redirecting!';
header ("Refresh:1; url=titlemanager.php");
}
} else {
// this section updates the title name
$stmtupd = $con->prepare("UPDATE gwtitles SET titlename = ?, titletype = ? WHERE titlenameid = ?");
$stmtupd->bind_param("sii", $_POST['titlename'], $_POST['titletype'], $_POST['titlenameid']);
$stmtupd->execute();
$stmtupd->close();
echo 'Title updated, redirecting!';
header ("Refresh:1; url=titlemanager.php");
}
//echo 'Return to <a href="titlemanager.php" class="navlink">title manager</a>'; //this line needs to go away soon
?>

+ 55
- 0
includes/verifications.php Ver arquivo

@@ -0,0 +1,55 @@
<?php
# this function verifies that the e-mail address passed doesn't contain any illegal characters
function validateEmail($email) {
return filter_var($email, FILTER_VALIDATE_EMAIL);
}

# this function verifies the desired e-mail address doesn't already exist in the database
function usedEmail($usedemail) {
$con = mysqli_connect(DATABASE_HOST, DATABASE_USER, DATABASE_PASS, DATABASE_NAME);
$sqlemailcheck = "SELECT usermail FROM userinfo WHERE userinfo.usermail = '" . $usedemail . "'";
$results = mysqli_query($con, $sqlemailcheck);
if (mysqli_num_rows($results) >= 1) {
echo '<hr><center>This e-mail address is already registered, please click on the forgot password link.<br /><a href="register.php" class="navlink">Please try again!</a><hr><br />';
include_once ('footer.php');
exit();
}
}
# this function verifies that a username doesn't already exist in the database
function validateUsername($uname) {
$con = mysqli_connect(DATABASE_HOST, DATABASE_USER, DATABASE_PASS, DATABASE_NAME);
$sqlunamecheck = "SELECT username FROM userinfo WHERE userinfo.username = '" . $uname . "'";
$results = mysqli_query($con, $sqlunamecheck);
if (mysqli_num_rows($results) >= 1) {
echo '<center>This username has already been taken, please choose another one<br /><a href="register.php" class="navlink">Please try again!</a><br />';
include_once ('footer.php');
exit();
}
}

####################
# verifying the username doesn't already exist in the database
$username = mysqli_real_escape_string($con, $_POST['username']);
validateUsername($username);

####################
# verifying the e-mail address is in a valid format
$verifyemail = validateEmail($_POST['useremail']);
if (empty($verifyemail)) {
echo '<center>This address: ' . $_POST['useremail'] . ' is not a valid e-mail address!<br />Please verify and type it again.<br />';
include_once ('footer.php');
exit();
}

usedEmail($_POST['useremail']);

####################
# verifying passwords match each other

if (($_POST['userpass1']) != ($_POST['userpass2'])) {
echo '<center>The passwords don\'t match!<br /><a href="register.php">Please try again!</a>';
include_once ('footer.php');
exit();
}
?>

Escrever Pré-visualização
Carregando…
Cancelar
Salvar